package cz.spock.core.entity.acl;

import javax.persistence.Entity;
import javax.persistence.Id;

import com.googlecode.objectify.Key;
import com.googlecode.objectify.annotation.Cached;

import cz.spock.core.entity.Account;

/**
 * here are access rights stored
 * 
 * each record represents access rights for role-entity or account-entity relation
 * 
 * only one of account and role fields should be set
 * 
 * by default, this table is empty, owners and admins can create new roles and access rights for specified entities
 * 
 * when searching for access right, lookup in this table must be performed first, then default acl is used
 * 
 * 2 roles with different access rights are not solved on database layer, expected behavior can be OR, AND... depending on application logic
 * 
 * @author miso
 *
 */
@Entity
@Cached
public class Acl {

    @Id
    private Long id;
    private Key<Role> role;
    private Key<Account> account;
    private Key entity;
    private int rights;
    
    public Long getId() {
        return id;
    }
    public void setId(Long id) {
        this.id = id;
    }
    public Key<Role> getRole() {
        return role;
    }
    public void setRole(Key<Role> role) {
        this.role = role;
    }
    public Key<Account> getAccount() {
        return account;
    }
    public void setAccount(Key<Account> account) {
        this.account = account;
    }
    public Key getEntity() {
        return entity;
    }
    public void setEntity(Key entity) {
        this.entity = entity;
    }
    public int getRights() {
        return rights;
    }
    public void setRights(int rights) {
        this.rights = rights;
    }
}
